The dangers associated with writing passwords down were expertly demonstrated by a Japanese airport worker over the weekend as the country prepared for the first visit by a US president in almost 20 years.

Rubbish bins and luggage lockers have been sealed and over 16,000 police officers have been mobilised in the capital city of Tokyo ahead of President Barack Obama’s visit Wednesday night – but it may be the loss of several passcodes that has caused the biggest security headache so far.

Speaking on Tuesday, a transport ministry official said that an employee of Skymark Airlines at Tokyo’s Haneda International Airport mislaid a printout containing key passcodes on Sunday.

The document was found just thirty minutes later on the floor of the departure lobby but the Japanese government were not prepared to take any chances.

Whilst there is no word on which areas of the airport would have been accessible with the lost codes, the ministry instructed the company that manages Haneda International to change them immediately in order to avoid even the slightest chance of a security breach.

The security faux pas comes at an awkward time for the airport, as it is just one month since the Metropolitan Police Department created a dedicated counter-terrorism unit tasked with securing the facility after the number of international flights was increased by almost fifty percent.

The same airport is also set to become a key destination when the Olympic games are hosted in the city in 2020.

It also comes at a time when airport security in general is under the spotlight following the news that a 16-year-old boy had survived a five-hour flight in an aircraft’s wheel well. The lad had jumped a fence at San Jose airport and was able to gain access to the plane’s undercarriage without alerting security.

But the Tokyo airport isn’t alone in having a problem with remembering security codes or passwords without the need to write them down – other organisations have had a good go at embarrassing themselves recently too.

Two years ago a televised ESPN interview took place in front of a wall which proudly displayed two passwords, and in February a CBS Super Bowl report clearly displayed the TV station’s WiFi username and password in the background.

So how can you choose a password that is both strong and easy enough to remember without having to write it down?

This video from Sophos gives some great practical advice on doing just that.

As said in the video, it would be foolish to then reuse that same password across the entire web because, should it be compromised in any way, the bad guys will then have access to ALL of your accounts.

Therefore, it would be wise to also use a password manager, such as KeePass or LastPass, which will allow you to store many complex passwords whilst only needing to remember one – and, whatever you do, don’t write it down!

Post navigation

About the author

Lee Munson is the founder of <a href="http://www.security-faqs.com/" rel="nofollow">Security FAQs</a>, a social media manager with BH Consulting and a blogger with a huge passion for information security.

You have to wonder at how good the security set-up is at Haneda if a single employee at a single airline has access to multiple areas that require different passwords. Unless the employee had a special role, it doesn’t make much sense.

It’s not clear to me how a password manager would have helped manage this situation. This was a physical breach, from the sounds of it.

The perfect password system doesn’t seem to have been developed yet. There are trade-offs whatever approach is used. The downside to a password manager is even the most complex password can be hacked and the use of a password manager suggests to the hacker that they will gain access to a lot of valuable information if they are successful in their efforts to break the “master” code.